Cryptomining malware continues to crop up in unexpected places, including the Triton virus infecting SCADA control systems last December in Saudi Arabia and more recently for a European municipal water utility and in the central Russian nuclear control facility in Sarov. The latter location is interesting because the staffers had the rather bright idea to find an Ethernet card and connect their resident supercomputer to the Internet for the mining operations, which was promptly discovered (the machine is supposed to remain offline). And Coinhive cryptominers have infected more than five thousand government websites in the US, UK and Australia, using the BrowseAloud plug-in that is used to help visually-impaired people visit websites.
If you are looking for a great spy novel that has some very realistic IT schemes and scenes, I would highly recommend TL Williams’ Zero Day: China's Cyber Wars. The book’s realism took two years for the CIA to clear it (Williams was a former CIA operations officer), and he claims he had very little cybersecurity knowledge before starting to write it.
-- David Strom, editor of Inside Security